Newsquest Media Group
May 13, 2024
•[ hack, technology ]
A group declaring itself to be first-class Russian hackers deface potentially hundreds of local and regional British newspaper websites belonging to Newsquest Media Group.
Landmark Admin
May 13, 2024
•[ leak, hack, government ]
Insurance administrative services company Landmark Admin warns that a data breach impacted over 800,000 people from a May cyberattack.
Balticom
May 9, 2024
•[ hack, technology ]
Balticom, a Latvian television network, is also hijacked to air the Moscow parade
PyPI
May 9, 2024
•[ hack, malware, technology ]
GhostAction abused malicious GitHub Actions workflows to exfiltrate thousands of secrets (incl. PyPI tokens). PyPI found no evidence of malicious package publishes, revoked affected tokens, and issued guidance; campaign window early Sept 2025
Kosovo government websites
May 7, 2024
•[ hack, ddos, government ]
Pro-Russia threat actors target Kosovo government websites, including the websites of the president and prime minister, with DDoS attacks. The attacks are a retaliation for Kosovos support of Ukraine with military equipment.
Coradix-Magnescan
May 7, 2024
•[ hack, healthcare ]
Coradix-Magnescan, a French company that provides medical radiological imaging, warns patients it is currently dealing with a cyberattack that risks complicating their appointments.
Mālama I Ke Ola Health Center
May 4, 2024
•[ hack, healthcare ]
The Mlama I Ke Ola Health Center discloses to have suffered a cyberattack
Undisclosed crypto investor
May 3, 2024
•[ financial, hack, phishing ]
An individual loses around $71 million worth of bitcoin in what appears to be an address poisoning attack. A week later the author of the attack returns the stolen bounty.
Human Events
May 2, 2024
•[ hack, leak ]
The conservative news website Human Events is also hacked and replaced with a page leaking private information.
The Post Millennial
May 2, 2024
•[ hack, misconfiguration, technology ]
In May 2024, the conservative news website The Post Millennial suffered a data breach. The breach resulted in the defacement of the website and links posted to 3 different corpuses of data including hundreds of writers and editors (IP, physical address and email exposed), tens of thousands of subscribers to the site (name, email, username, phone and plain text password exposed), and tens of millions of email addresses from thousands of mailing lists alleged to have been used by The Post Millennial (this has not been independently verified). The mailing lists appear to be sourced from various campaigns not necessarily run by The Post Millennial and contain a variety of different personal attributes including name, phone and physical address (depending on the campaign). The data was subsequently posted to a popular hacking forum and extensively torrented.
South African Department of Justice and Constitutional Development
May 1, 2024
•[ hack, financial, government ]
The South African Department of Justice and Constitutional Development (DJ&CD) suffers a cyber security incident affecting child maintenance payments.
Brosix and Chatox
May 1, 2024
•[ hack, misconfiguration, technology ]
Brosix and Chatox promised secure messaging, but threat actors accessed unprotected backups containing highly sensitive pharmacy and patient communications
El Centro Del Barrio (CentroMed)
April 30, 2024
•[ hack, healthcare ]
San Antonio-based healthcare provider El Centro Del Barrio (which operates as CentroMed) is informing 400,000 patients that their personal and protected health information was compromised in a recent cyberattack.
Pacific Guardian Life Insurance
April 25, 2024
•[ financial, hack, finance ]
Pacific Guardian Life Insurance says that 165,000 people had their financial info stolen in 2023 attack.
Kansas City Scout Traffic Management System
April 25, 2024
•[ hack, government ]
The Kansas City Scout System is taken down by a cyberattack.for 3 months
Czech News Agency (CTK)
April 24, 2024
•[ hack, government ]
An unidentified threat actor hacks the website of Czech News Agency (CTK) a government-owned Czech news service, and publishes a fake story claiming that an assassination attempt had been made against the newly elected Slovak president, Petr Pellegrini.
Tappware
April 23, 2024
•[ hack, misconfiguration, technology ]
In April 2024, a substantial volume of data was taken from the Bangladeshi IT services provider Tappware and published to a popular hacking forum. Comprising of 95k unique email addresses, the data also included extensive labour information on local citizens including names, physical addresses, job titles, dates of birth, genders and scans of government issued national identity (NID) cards.
Tipton Wastewater Treatment Plant
April 20, 2024
•[ hack ]
The Cyber Army of Russia claims responsibility for a cyber attack to the Tipton Wastewater Treatment Plant. An investigation by Mandiant claims that this group may be linked operationally to APT44 GRU Sandworm
Government of British Columbia
April 18, 2024
•[ hack, government ]
The Government of British Columbia is investigating multiple "cybersecurity incidents" that have impacted the Canadian province's government networks.
Grodno Azot
April 17, 2024
•[ hack, manufacturing ]
Belarusian politically motivated hacktivists from the Belarusian Cyber-Partisans group claim to have attacked the countrys largest state-run manufacturer of fertilizers, Grodno Azot, for its alleged involvement in political repression, sanctions evasion, and human rights violations.
